Zero trust security

Make it possible

Security Advisory - January 14, 2014

Zscaler Protects against Vulnerability in Windows Kernel which allows Elevation of Privileges

Zscaler, working with Microsoft through their MAPPs program, has proactively deployed protections for the following 1 vulnerability included in the January 2014 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the January release and deploy additional protections as necessary.

Description: An elevation of privilege vulnerability exists in the NDProxy component of the Windows kernel due to improper validation of input passed from user mode to the kernel. The vulnerability could allow an attacker to run code in kernel mode. An attacker who successfully exploited this vulnerability could run a specially crafted application and take complete control of an affected system. The attacker could then install programs; view, change, or delete data; or create new accounts with full administrator rights.